Privacy Risks of Explainable Artificial Intelligence (XAI) in Healthcare : An Empirical Study Using Machine Learning Models and Post-hoc Explainability Methods
The publication is subject to copyright regulations. The work may be read and printed for personal use. Use for commercial purposes is prohibited.
Abstract
This thesis examines the cybersecurity and privacy implications of Explainable Artificial Intelligence (XAI) methods in selected Machine Learning (ML) models. The study focuses on whether post-hoc explainability methods can expose sensitive information from healthcare datasets when applied to machine learning models.
The study was conducted using a modified synthetic healthcare dataset. The dataset consisted of 1,000 synthetic patient records with intentionally modified values to simulate privacy-related anomalies. Three machine learning models were implemented using the Scikit-learn library in JupyterLab: Decision Trees (DTs), Support Vector Machines (SVMs), and K-Nearest Neighbors (KNN). The explainability methods applied in the study were Local Interpretable Model-agnostic Explanations (LIME), Shapley Additive exPlanations (SHAP), and Explain Like I’m Five (ELI5).
The results indicate that XAI methods improve the transparency and interpretability of ML models but may also increase the exposure of sensitive information by highlighting influential patient features and unusual data patterns. Decision Trees worked as white-box models and were the most directly interpretable models, whereas SVMs and KNN worked as black-box models and required additional XAI methods for interpretability.
However, the applied privacy-preserving techniques may influence model behavior and should be carefully considered when interpreting the results. Increased privacy protection may be associated with reduced model accuracy and a potential increase in bias.
The study concludes that explainability and privacy must be carefully balanced when using AI systems in healthcare environments. European Union regulations and global legislation emphasize that patient information must be handled with appropriate privacy and security measures.